xenial (1) pts_adduser.1.gz

Provided by: openafs-client_1.6.15-1ubuntu1.1_amd64 bug

NAME

       pts_adduser - Adds a user or machine to a Protection Database group

SYNOPSIS

       pts adduser -user <user name>+ -group <group name>+
           [-cell <cell name>] [-noauth] [-localauth] [-force] [-help]

       pts ad -u <user name>+ -g <group name>+
           [-c <cell name>] [-n] [-l] [-f] [-h]

DESCRIPTION

       The pts adduser command adds each user or machine entry named by the -user argument as a member of each
       group named by the -group argument.

       To remove members of a group, use the pts removeuser command. To list the groups to which a user or
       machine belongs, or the members of a specified group, use the pts membership command.

CAUTIONS

       After being added as a group member, a currently authenticated user must reauthenticate (for example, by
       issuing the aklog or klog.krb5 commands) to obtain permissions granted to the group on an access control
       list (ACL).

OPTIONS

       -user <user name>+
           Specifies the name of each user or machine entry to add to each group named by the -group argument.
           The name of a machine entry resembles an IP address and can use the wildcard notation described on
           the pts createuser reference page. The user or machine entry must already exist in the Protection
           Database.

       -group <group name>+
           Specifies the complete name (including the owner prefix if applicable) of each group to which to add
           members. The group entry must already exist in the Protection Database.

       -cell <cell name>
           Names the cell in which to run the command. For more details, see pts(1).

       -force
           Enables the command to continue executing as far as possible when errors or other problems occur,
           rather than halting execution at the first error.

       -help
           Prints the online help for this command. All other valid options are ignored.

       -localauth
           Constructs a server ticket using a key from the local /etc/openafs/server/KeyFile file. Do not
           combine this flag with the -cell or -noauth options. For more details, see pts(1).

       -noauth
           Assigns the unprivileged identity anonymous to the issuer. For more details, see pts(1).

EXAMPLES

       The following example adds user smith to the group system:administrators.

          % pts adduser -user smith -group system:administrators

       The following example adds users "jones", "terry", and pat to the smith:colleagues group.

          % pts adduser -user jones terry pat -group smith:colleagues

       The following example adds the machine entries in the ABC Corporation subnet to the group "bin-prot".
       Because of the IP address range of the ABC Corporation subnet, the system administrator was able to group
       the machines into three machine entries (using the wildcard notation discussed on the pts createuser
       reference page).

          % pts adduser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot

PRIVILEGE REQUIRED

       The required privilege depends on the setting of the fourth privacy flag in the Protection Database entry
       for each group named by the -group argument (use the pts examine command to display the flags):

       •   If it is the hyphen, only the group's owner and members of the system:administrators group can add
           members.

       •   If it is lowercase "a", current members of the group can add new members.

       •   If it is uppercase "A", anyone who can access the cell's database server machines can add new
           members.

SEE ALSO

       pts(1), pts_createuser(1), pts_examine(1), pts_membership(1), pts_removeuser(1), pts_setfields(1)

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML to POD
       by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth
       Cassell.